How to Install CouchDB on Ubuntu 22.04 with Nginx Proxy and Certbot SSL

In this guide, we’ll walk through the steps to install CouchDB on Ubuntu 22.04 and configure it with Nginx as a reverse proxy along with SSL certificates using Certbot.

Apache CouchDB is an open-source NoSQL database known for its multi-master replication and reliability. It uses an HTTP/JSON API, making it compatible with modern web and mobile applications.

Prerequisites:

• A server running Ubuntu 22.04
• Root or non-root user with sudo privileges
• A domain name with a DNS A record pointing to your server’s IP

Step 1: Update Server and Install Dependencies

Start by updating the server and installing required dependencies:

sudo apt update && sudo apt install -y curl apt-transport-https gnupg

Step 2: Add CouchDB Repository and Import Key

Next, configure the CouchDB repository and add the official key:

curl https://couchdb.apache.org/repo/keys.asc | gpg --dearmor | sudo tee /usr/share/keyrings/couchdb-archive-keyring.gpg >/dev/null 2>&1

Add the CouchDB repository:

echo "deb [signed-by=/usr/share/keyrings/couchdb-archive-keyring.gpg] https://apache.jfrog.io/artifactory/couchdb-deb/ $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/couchdb.list >/dev/null

Update the package list:

sudo apt update

Note: If you encounter the following error:

E: Malformed entry 1 in list file /etc/apt/sources.list.d/couchdb.list (Component)

Edit the couchdb.list file and add jammy (or the appropriate Ubuntu codename) before main.

Step 3: Install CouchDB

Install CouchDB using the following command:

sudo apt install -y couchdb

During the installation, you will be prompted with configuration options:

1. Configuration type: Choose either 1 for standalone or 2 for clustered mode.
2. Erlang cookie: Set a unique identifier (e.g., monkey) for your CouchDB cluster.
3. Bind address: For standalone mode, use 127.0.0.1; for clustered, use 0.0.0.0.
4. Admin password: Set a password for the CouchDB admin user.

Once the installation is complete, CouchDB should be up and running. You can verify it by visiting:

http://<server-ip>:5984/_utils/

Step 4: Configure Nginx Proxy

Next, configure Nginx to act as a reverse proxy for CouchDB.

1. 1. Install Nginx:

sudo apt install -y nginx apache2-utils

1. 1. Remove the default Nginx configuration:

sudo rm -rf /etc/nginx/sites-enabled/default

1. 1. Create a new Nginx config file for CouchDB:

sudo nano /etc/nginx/sites-available/couchdb-site

Add the following content:

server {
    listen 80 default_server;
    server_name couchdb.local;

    location / {
        proxy_pass http://localhost:5984;
        proxy_redirect off;

        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

1. 1. Create a symbolic link to enable the new configuration:

sudo ln -s /etc/nginx/sites-available/couchdb-site /etc/nginx/sites-enabled/

1. 1. Test Nginx configuration:

sudo nginx -t

1. 1. Restart Nginx:

sudo systemctl restart nginx

Step 5: Configure UFW Firewall

If UFW (Uncomplicated Firewall) is not enabled, activate it:

sudo ufw enable

Allow necessary ports:

sudo ufw allow 22/tcp
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
sudo ufw allow 5984/tcp

Check the UFW status:

sudo ufw status

Step 6: Install Certbot for SSL

To secure your CouchDB instance with SSL, install Certbot:

sudo apt install certbot python3-certbot-nginx -y

Step 7: Obtain SSL Certificate

Obtain an SSL certificate for your domain with Certbot:

sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com

During the process, you will be prompted to provide an email address and agree to the terms of service.

Certbot will automatically configure Nginx to use the SSL certificate.

Conclusion

You’ve successfully installed CouchDB on Ubuntu 22.04, configured it with Nginx as a reverse proxy, and secured it with SSL using Certbot. Your CouchDB instance is now ready to handle requests securely.